Blender is subject to a symlink attack when the user closes the app without saving their changes. The consequences are that an attacker-determined file owned by the victim is overwritten with a .blend file, destroying whatever data was in the file in the process.

Version 2.49.2 isn't vulnerable to this attack since it uses ~/.blender/quit.blend instead of /tmp/quit.blend. I would suggest this behaviour be restored before Blender 2.5 is released.

Hi, a revision of the way Blender finds directory/file paths for these kinds of resource files is currently in development, and will allow customisation of these with environment variables. Technically this functionality is doing what it is designed to do, so it's not really a bug (there are many more 'security' issues in Blender than this).

Incidentally, I'm not sure why 2.49 was saving in ~/.blender/ for you, afaik it has always saved in /tmp, perhaps you didn't have write access there or something.
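An added illustration of the issue discussed in this thread (not Blender's code and not written by either poster): one way to save a file with a predictable name in a shared directory without following a pre-planted symlink is to write a private temp file and `rename()` it over the target. The function names, the demo directory and the sample contents are assumptions constructed for this example.

```c
#define _XOPEN_SOURCE 700  /* expose mkstemp, mkdtemp, symlink, lstat, fsync */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Write buf to dir/name via a private temp file and rename(), so a symlink
 * pre-planted at dir/name is replaced, never followed. Returns 0 on success. */
int save_no_follow(const char *dir, const char *name, const void *buf, size_t len)
{
    char tmp[4096], dst[4096];
    snprintf(tmp, sizeof tmp, "%s/.%s.XXXXXX", dir, name);
    snprintf(dst, sizeof dst, "%s/%s", dir, name);
    int fd = mkstemp(tmp);               /* created exclusively, mode 0600 */
    if (fd < 0) return -1;
    int ok = write(fd, buf, len) == (ssize_t)len && fsync(fd) == 0;
    ok = (close(fd) == 0) && ok;
    if (ok && rename(tmp, dst) == 0) return 0;
    unlink(tmp);                         /* failed: leave nothing behind */
    return -1;
}

/* Constructed scenario: a symlink named quit.blend points at a "victim" file.
 * Returns 1 if the victim is untouched and quit.blend became a regular file. */
int demo_victim_survives(void)
{
    char dir[] = "/tmp/symlink_demo.XXXXXX", victim[4096], link_path[4096];
    char got[16] = {0};
    struct stat st;
    if (!mkdtemp(dir)) return -1;
    snprintf(victim, sizeof victim, "%s/victim.txt", dir);
    snprintf(link_path, sizeof link_path, "%s/quit.blend", dir);
    FILE *f = fopen(victim, "w");
    if (!f) return -1;
    fputs("precious", f);
    fclose(f);
    if (symlink(victim, link_path) != 0) return -1;
    if (save_no_follow(dir, "quit.blend", "BLENDER", 7) != 0) return -1;
    f = fopen(victim, "r");
    if (!f || !fgets(got, sizeof got, f)) return -1;
    fclose(f);
    int intact = strcmp(got, "precious") == 0;
    int regular = lstat(link_path, &st) == 0 && S_ISREG(st.st_mode);
    unlink(victim); unlink(link_path); rmdir(dir);
    return intact && regular;
}

int main(void) { printf("victim intact: %d\n", demo_victim_survives()); return 0; }
```

In a sticky directory such as /tmp, `rename()` onto an entry owned by another user fails, so `save_no_follow` returns -1 instead of overwriting anything. Saving under a per-user directory avoids the contention entirely.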